CyberStrong FedRAMP Moderate Controls

 FedRAMP Moderate Controls

Protect data confidentiality, integrity, and availability with CyberSaint following FedRAMP security objectives.

Security Objective: Data Confidentiality

This objective is based on preserving authorized restrictions on information access and dissemination. A moderate level impact means that a confidentiality breach could have a serious impact on an organization’s proprietary information as well as individuals who work for the company.

Security Objective: Data Integrity

This objective is based on preventing unauthorized data modification or destruction. A moderate impact level means that an integrity breach could have a serious impact on the organization and its employees.

Security Objective: Data Availability

This objective is based on access to and the reliability of information. A moderate impact level means that an availability breach could have a serious adverse effect on an organization's data and employees.

FedRAMP Moderate Control Requirements

Moderate level requirements for FedRAMP have 325 controls, including…

• 43 Access Controls
• 32 Systems and Communications Protection Controls
• 28 System and Information Integrity Controls
• 27 Identification and Authentication Controls
• 26 Configuration Management Controls
• 23 Contingency Planning Controls
• 22 System and Services Acquisition Controls
• 20 Physical and Environmental Protection Controls
• 17 Incident Response Controls
• 16 Security Assessment and Authorization Controls
• 12 Maintenance Controls
• 10 Audit and Accountability Controls
• 10 Media Protection Controls
• 10 Risk Assessment Controls
• 9 Personnel Security Controls
• 6 Planning Controls
• 5 Awareness Training Controls